Merge pull request #120 from bura/fix-clickjacking-url

Fixed broken url to Clickjacking description.
This commit is contained in:
Rob Winch 2014-09-01 22:29:39 -05:00
commit 96ea4ddc7b

View File

@ -3566,7 +3566,7 @@ public class WebSecurityConfig extends
[[headers-frame-options]]
==== X-Frame-Options
Allowing your website to be added to a frame can be a security issue. For example, using clever CSS styling users could be tricked into clicking on something that they were not intending (http://www.youtube.com/watch?v=3mk0RySeNsU[video demo]). For example, a user that is logged into their bank might click a button that grants access to other users. This sort of attack is known ashttp://en.wikipedia.org/wiki/Clickjacking[Clickjacking].
Allowing your website to be added to a frame can be a security issue. For example, using clever CSS styling users could be tricked into clicking on something that they were not intending (http://www.youtube.com/watch?v=3mk0RySeNsU[video demo]). For example, a user that is logged into their bank might click a button that grants access to other users. This sort of attack is known as http://en.wikipedia.org/wiki/Clickjacking[Clickjacking].
[NOTE]
====